2

I'm trying to display SendGrid email statistics inside my Rails application.

So far, I've been able to display them in API's return format (e.g. [{"delivered"=>9, "unsubscribes"=>0, "repeat_bounces"=>2,....), but that's only if I put the plaintext username and password into my controller's private method because I cannot seem to use 'SENDGRID_USERNAME' and the 'SENDGRID_PASSWORD' environment variables. What's a guy to do?

In summation:

NewslettersController:

  before_action :set_client, only: :index

private

    def set_client
      @client = SendGridWebApi::Client.new('the plaintext username', 'the plaintext password')
    end

Newsletters Index View

<p><%= @client.stats.get %></p>

Is there another place where I can set @client where my view can get to it and my plaintext password can be hidden from the outside world? preferably a place I can put in secrets.yml?

@client = SendGridWebApi::Client.new('SENDGRID_USERNAME', 'SENDGRID_PASSWORD')

Returns an incorrect username and password, even though I got the plaintext username and password I'm using for testing from those variables, so I know that they're set to the correct ones.

Or, is there a way to use environment variables in either my controller or my view?

I'm able to set the variables in the Rails Console and then use them, but since they don't get saved I can't access them afterwords in my actual application.

foxtrotuniform6969
  • 3,527
  • 7
  • 28
  • 54
  • 1
    Check out [my answer](http://stackoverflow.com/questions/31196212/setting-test-environment-variables-in-rails-without-putting-in-source-code/31196487#31196487) to a related question and let us know how you make out. – steve klein Jul 07 '15 at 20:00

2 Answers2

1

It is better to add your secrets to system environments variables by using 

export SENDGRID_USERNAME=my-super-secret-username
export SENDGRID_PASSWORD=my-super-secret-password

Or alternatively add environment variables to bashrc file. Open bashrc file in your favorite text editor i.e. nano, vim, vi etc

sudo nano ~/.bashrc

and than add/save environment variable. After that you need to touch bashrc file using source command

source ~/.bashrc

In controller, access environment variable using ENV hash like

def set_client
  @client = SendGridWebApi::Client.new(ENV['SENDGRID_USERNAME'], ENV['SENDGRID_PASSWORD'])
end

In case you want to control your secrets from within your rails application, You can create a new initializer file and define environment variables there like

# config/initializer/environment_variables.rb
ENV['SENDGRID_USERNAME']='my-super-secret-username'
ENV['SENDGRID_PASSWORD']='my-super-secret-password'

Keeping env in initilizer is not a good approach as your secrets are still present in your code in plain text format and may be exposed. You must add this file to .gitignore file.

Shahzad Tariq
  • 2,767
  • 1
  • 22
  • 31
0

Although my solution is not secrets.yml, this works fine.

# config/initializers/my-supersecret-vars.rb
ENV['SENDGRID_USERNAME'] = 'my_super_secret_username'
ENV['SENDGRID_PASSWORD'] = 'my_super_secret_password'

Just remember to add it on your .gitignore

pauloancheta
  • 349
  • 2
  • 9